Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Ping between PIX remote peers

From: "Utz, Ralph" <rutz () realtime-it com>
Date: Wed, 3 May 2006 17:13:23 -0500
"PIX will not send traffic out the same interface it came in on"

Applies to all versions of PIX IOS less than v7

-----Original Message-----
From: firewall-wizards-admin () honor icsalabs com
[mailto:firewall-wizards-admin () honor icsalabs com] On Behalf Of Juan
Pablo Feria Gomez
Sent: Friday, April 28, 2006 8:57 AM
To: firewall-wizards () honor icsalabs com
Subject: Re: [fw-wiz] Ping between PIX remote peers

192.168.51.0 -|router|--/dsl/--|   |
-                                       |PIx|---172.16.10.0(lan behind
pix)
192.168.50.0 -|router|--/dsl/--|   |


I Tried to add static routes announcing the remote network reachable
through the 172.16.10.x ip on the router with no luck, the trace to
the remote network always get  * * * on the first hop.

in my vpn setup  routers knows the vpn networks by access lists,  Are
there a way to setup a virtual interface & IP to the vpn peers?


Ralph: A friend told me that his vpn peers can have communication, but
he has pix as tunnel endponints on the 2 sites, (i have routers), does
apply here what you said? "PIX will not send traffic out the same
interface it came in on" or using pix as endpoint is different?



Thanks in advance
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: